Comments on: Experts Get Serious About Cloud Security

By: Cloud security « Eikonal Blog

Cloud security « Eikonal Blog — Fri, 19 Nov 2010 22:04:29 +0000

[...] “Experts Get Serious About Cloud Security” by Derrick Harris (GigaOm; 2009.03.31) – http://gigaom.com/2009/03/31/experts-get-serious-about-cloud-security/ [...]

By: Can Intel and $50B in IT Budgets Achieve Open Clouds?: Cloud «

Can Intel and $50B in IT Budgets Achieve Open Clouds?: Cloud « — Wed, 27 Oct 2010 19:42:46 +0000

[...] their work will align. Throwing the ODCA and Cloud Builders into a mix that already includes the Cloud Security Alliance, CloudAudit, DMTF, NIST, the TM Forum, The Open Group and plenty of others could further complicate [...]

By: Can the Open Group Become the RightScale of Cloud Standards?

Can the Open Group Become the RightScale of Cloud Standards? — Mon, 17 Aug 2009 02:18:08 +0000

[...] cloud computing for about a year and already has liaised with the Open Cloud Manifesto group, the Cloud Security Alliance (CSA), and the Cloud Computing Interoperability Forum, among [...]

By: Will Cloud-based Mobile Enterprise Apps Ever Catch Up?

Will Cloud-based Mobile Enterprise Apps Ever Catch Up? — Thu, 30 Jul 2009 16:38:46 +0000

[...] hurdles when it comes to developing enterprise cloud-based mobile applications, such as addressing security concerns and ensuring the availability of data and consistent performance. Addressing these [...]

By: With Commercialization of the Cloud, It’s Déjà vu

With Commercialization of the Cloud, It’s Déjà vu — Sun, 05 Jul 2009 16:06:02 +0000

[...] integrate into existing IT environments easily and address the common concerns around privacy, security, integrity, performance and availability. Widespread adoption, in other words, is already [...]

By: MSIS 500 Information Security Overview | Technology School at CityU of Seattle

Thu, 04 Jun 2009 15:56:41 +0000

[...] Experts Get Serious About Cloud Security (gigaom.com) Filed under: Information Security Tags: Business, Consultants, Information Security, PCI DSS, Risk management, Security [...]

By: Security Is In The Air – Are The SaaS Vendors Ready? | CloudAve

Security Is In The Air – Are The SaaS Vendors Ready? | CloudAve — Wed, 22 Apr 2009 07:05:38 +0000

[...] Single Sign-On for the Cloud (readwriteweb.com) The safest place to store your data (cbc.ca) Experts Get Serious About Cloud Security (gigaom.com) FTC urged to investigate Google’s hosted services (macworld.com) Can the Cloud survive [...]

By: Clouds Can Be Secured, So Let’s Talk About the Real Issues

Clouds Can Be Secured, So Let’s Talk About the Real Issues — Mon, 06 Apr 2009 23:01:29 +0000

[...] Stacey Higginbotham | Monday, April 6, 2009 | 4:00 PM PT | 0 comments Last week the Washington Post published a big article in which it lists a variety of software-as-a-service applications trying to get government business, and notes how many federal agencies are leery of things like Google Docs and cloud storage because of perceived security concerns. I came away from it thinking what a shame it is that the government, and likely many average citizens, has such a bad perception of cloud security when in fact their own internal networks are not likely to be nearly as well guarded. [...]

By: Cloud Security Alliance – A Solid First Step | CloudAve

Cloud Security Alliance – A Solid First Step | CloudAve — Thu, 02 Apr 2009 07:34:49 +0000

[...] articles by Zemanta Experts Get Serious About Cloud Security (gigaom.com) Cloud Jackin, Hacking the Cloud (elasticvapor.com) RSA 2009 Conference Session on [...]

By: Julien Courbe

Julien Courbe — Wed, 01 Apr 2009 17:38:05 +0000

The introduction of the Cloud Security Alliance (CSA) is a great addition to the cloud computing market and will no doubt keep a watchful eye on the innovations and regulations that are created. With the notice of attacks on GoGrid, the launch of the CSA is justified as documentation can take place to hinder future attacks in similar circumstances. With many corporations becoming more comfortable with the cloud and new vendors jumping into the market every day, a larger security alliance is just what cloud computing needs to oversee its development. – Julien Courbe, BearingPoint

By: Ed Laczynski

Ed Laczynski — Wed, 01 Apr 2009 04:18:12 +0000

This confirms some of the inevitability of the Cloud. The economy, the political climate, and the technology are coming together.

On a lighter note, Good Harbor Consulting (where Kurtz works) is led by Richard Clark, former White House Security Advisor. So it carries some weight. http://idisposable.net/2009/03/31/jack-bauer-says-the-cloud-is-ready-for-the-enterprise-sort-of/

By: Derrick Harris

Derrick Harris — Tue, 31 Mar 2009 22:09:58 +0000

Maybe we spoke too soon. GoGrid just got tagged by a DDoS attack that downed some customers.

You can find some details at http://www.gogridstatus.com/.

By: Brian DaBinett

Brian DaBinett — Tue, 31 Mar 2009 21:16:39 +0000

There are several elements, as Alan says above, there is the underwriting of Cloud providers (or hosting centers as they used to be called about 3 months ago) then there is a requirement for federated services to enable smooth roaming of user identity from one provider to another to access different resources; combined with the need for an increase in bandwidth and speed (which is something that a lot of the world still struggles with outside of metropolitan areas).

But security is the key issue; whilst organisations are happy to outsource discreet silos of information (such as those using Salesforce) there are still major security concerns with no mechanism for end point analysis or integrity checking and feedback to allow for sense and respond functionality within the applications (e.g. the client has AV but not on a known device so certain functions are disabled within the application).

Until these types of issues are resolved then Cloud will struggle as did Application Service Provision (ASP) at the turn of the century.

Thanks

brian

By: Alan Wilensky

Alan Wilensky — Tue, 31 Mar 2009 16:18:15 +0000

I think that cloud viability goes beyond SAS70 and data security. The real question is whether the big market slice of small and medium biz owners that wish to cut from internal to hosted grid….can get insurance underwriting to cover continuity. There is no policy underwriting for thinly capitalized cloud providers, and likewise, no one willing to insure business application performance even when running on the giants.